Security Focus Latest Security Advisories

Syndicate content SecurityFocus
SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
Updated: 33 min 54 sec ago

Bugtraq: [ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check

June 25, 2015 - 11:00am
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check
Categories:

Bugtraq: [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll

June 25, 2015 - 9:45am
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll
Categories:

Bugtraq: [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure

June 25, 2015 - 8:45am
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure
Categories:

Bugtraq: [ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE

June 25, 2015 - 8:45am
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE
Categories:

Bugtraq: [ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

June 25, 2015 - 7:30am
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE
Categories:

Bugtraq: [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

June 25, 2015 - 7:30am
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS
Categories:

Bugtraq: [SECURITY] [DSA 3295-1] cacti security update

June 25, 2015 - 7:30am
[SECURITY] [DSA 3295-1] cacti security update
Categories:

Bugtraq: CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

June 25, 2015 - 7:30am
CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders
Categories:

Bugtraq: CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004

June 25, 2015 - 6:15am
CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004
Categories:

Bugtraq: [SECURITY] [DSA 3294-1] wireshark security update

June 25, 2015 - 6:15am
[SECURITY] [DSA 3294-1] wireshark security update
Categories:

Bugtraq: ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability

June 24, 2015 - 2:00pm
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability
Categories:

Bugtraq: ESA-2015-109: EMC Documentum D2 Cross-Site Scripting

June 24, 2015 - 12:45pm
ESA-2015-109: EMC Documentum D2 Cross-Site Scripting
Categories:

Bugtraq: KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass)

June 24, 2015 - 10:15am
KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass)
Categories:

Bugtraq: [security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information

June 24, 2015 - 9:00am
[security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information
Categories:

Bugtraq: The "localhosed" attack - stealing IE local machine cookies and exposing its internal IP address

June 23, 2015 - 1:15pm
The "localhosed" attack - stealing IE local machine cookies and exposing its internal IP address
Categories:

Bugtraq: ManageEngine Asset Explorer v6.1 - Persistent Vulnerability

June 23, 2015 - 1:15pm
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability
Categories: